# PhoenixNAP

**This section is for installing Pritunl Cloud on PhoenixNAP if you are using Azure or another provider skip to the next section.**

### Create IP Allocations

After creating an account on [**PhoenixNAP BMC**](https://bmc.phoenixnap.com/) first create a public IP allocation. These IPv4 addresses will be available to assign to instances in Pritunl Cloud. Open *Networking* -> *Public IP Allocations* then click *Add a Public IP Allocation*. Set the *Location* then set the *Version* to *IPv4* and select a size. The minimum useful size is a `/29` as the Pritunl Cloud host will need the first IP address. This IPv4 assignment will be shared between all servers in the region.

<figure><img src="/files/CTUgTjoyp6dw9EJN9tKT" alt=""><figcaption></figcaption></figure>

Then click *Add a Public IP Allocation* again and create a *IPv6* allocation in the same location. <mark style="color:orange;">**There is currently a bug with IPv6 networks on PhoenixNAP. This step must be completed after the server has been started. If the network has an IPv6 allocation it will not be displayed on the server deployment page.**</mark>

<figure><img src="/files/Xnj3q0DObjgx2NUAuZiL" alt=""><figcaption></figcaption></figure>

This will create 3 allocations. The first is the IPv4 public IP allocation. The `/58` IPv6 allocation is an account and region wide IPv6 block that is available for `/64` allocations. This allows creating 64 IPv6 allocations in each region.

### Create Network

The networks on PhoenixNAP are regional VLAN overlay networks that can then be attached to a server. This allows sharing IPv4 and IPv6 assignments between multiple servers in the region as well as providing local networking between the servers. Open the *Networking* -> *Networks* section then click *Create a Network*. Use the same *Location* and set the *Network Type* to *Private*. Then enter a name for the network and set the *VLAN ID* to a number below 100. The *Network CIDR* only needs to be large enough to assign an IP to each bare metal server. Instances running on the bare metal server will not be assigned IP addresses from this network.

<figure><img src="/files/oihFlgmZ4rxuT2Az6jqm" alt=""><figcaption></figcaption></figure>

Next click *Create a Network* again to create the public network. Use the same *Location* and set the *Network Type* to *Public*. Then enter a name for the network and set the *VLAN ID* to a number below 100 that is different from the previous network VLAN ID.

Select assign a public IPv4 allocation and select the allocation created earlier. Then select the public IPv6 allocation created earlier.

<figure><img src="/files/tmq7EF2B1nAss48C4a12" alt=""><figcaption></figcaption></figure>

This will then show the two networks in the *Public* and *Private* tabs. This network information will be needed later in the configuration. To create servers in other regions repeat the steps to create networks for each region.

### Deploying a Server

Open the *Servers* section and click *Deploy New Server*. Select the same *Location* that contains the networks. Select a billing model and instance type then select either *AlmaLinux 9* or *Oracle Linux 9*. Then click *Next*.

<figure><img src="/files/FEosPUA9U0g1KFVuZah2" alt=""><figcaption></figcaption></figure>

On the next page enter a *Hostname* and set *Software RAID* to *RAID 1*. Most of the servers will have two NVMe drives allowing for RAID 1, verify on the right side of the page. If there is not two drives use *No RAID*. Leave the *Root Partition* option empty then add *Public SSH Keys*. Note the username shown in the *Public SSH Keys* section. This will be the username needed to connect to the server.

<figure><img src="/files/d2TWMoN3TX17uUQBcmpn" alt=""><figcaption></figcaption></figure>

On the next page select *Do not assign a public IPv4 allocation* instead a public IP from the public network will be used. Click *Add to Network* then select the *Public Network* created in the previous steps. Then select the first IPv4 network segment and the first IP address from the segment. Click *Add to Network* in the *Private Networks* sections and select the private network created earlier. Leave the *Default Gateway* empty then click *Deploy New Server*.

<figure><img src="/files/TEFm4vSRf3XSTZ6WMsz8" alt=""><figcaption></figcaption></figure>

### Install Pritunl Cloud

The [**Installation documentation**](/kb/cloud/getting-started/installation.md) **has more information on the commands that will be run below. Refrence this for more information. This section also explains how to upgrade the MongoDB server. First install MongoDB inside Podman using the commands below.**

```sh
sudo dnf -y install git-core podman

git clone https://github.com/pritunl/toolbox.git
cd toolbox/mongodb-container
sudo podman build --rm --no-cache --pull -t mongo .
cd

sudo mkdir /var/lib/mongo
sudo chown 277:277 /var/lib/mongo
sudo tee /etc/containers/systemd/mongodb-podman.container << EOF
[Unit]
Description=MongoDB Podman Service

[Container]
Image=localhost/mongo
ContainerName=mongodb
Environment=DB_NAME=pritunl-cloud
Environment=CACHE_SIZE=1
User=mongodb
Volume=/var/lib/mongo:/data/db:Z
PublishPort=127.0.0.1:27017:27017
PodmanArgs=--cpus=1 --memory=2g

[Service]
Restart=always

[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl start mongodb-podman.service

sleep 3
sudo cat /var/lib/mongo/credentials.txt
```

Then install and start Pritunl Cloud with the commands below. Pritunl Cloud will automatically read the credentials from the path above if it exists. If the MongoDB database is hosted in another way add the MongoDB URI to `/etc/pritunl-cloud.json` .

```sh
sudo tee /etc/yum.repos.d/pritunl.repo << EOF
[pritunl]
name=Pritunl Repository
baseurl=https://repo.pritunl.com/stable/yum/almalinux/10/
gpgcheck=1
enabled=1
gpgkey=https://raw.githubusercontent.com/pritunl/pgp/master/pritunl_repo_pub.asc
EOF

sudo dnf -y update

sudo dnf -y remove iptables-services
sudo systemctl stop firewalld.service
sudo systemctl disable firewalld.service

sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
sudo setenforce 0

sudo dnf -y install iptables net-tools ipset ipvsadm xorriso qemu-kvm qemu-img swtpm swtpm-tools
sudo dnf -y install pritunl-cloud
sudo systemctl enable --now pritunl-cloud
```

### Configure Pritunl Cloud

First get the default password by running the command below. Then use this to login to the web console running on HTTPS port 443.

```
sudo pritunl-cloud default-password
```

Pritunl Cloud will attempt to read the PhoenixNAP network configuration from cloud-init this should still be verified or configured if the auto configuration failed. Open the *IP Blocks* tab in the Pritunl Cloud web console. Create a block for the public IPv4 addresses if it doesn't exist and fill in the fields. Set the *Network Mode* to *IPv4*. **The&#x20;*****VLAN*****&#x20;field should be blank, the block will attach to the VLAN interface and should not be set here. This option is for more advanced VLAN configurations that use bridge interfaces on the host.** The *Netmask* should match the *CIDR*, use the conversions below or use a subnet calculator for other CIDRs. The *IP Addresses* should contain the subnet and CIDR listed in the PhoenixNAP *CIDR* field. The *Gateway* should be one address after the address shown in the *CIDR* field. The *IP Excludes* should exclude the public IP of the PhoenixNAP server with a `/32` CIDR.

```
/28 - 255.255.255.240
/29 - 255.255.255.248
```

<figure><img src="/files/q6AVVEFMvBaZK7nagPgQ" alt=""><figcaption></figcaption></figure>

Then create or if it already exists verify a block for the IPv6 addresses. Set the *Network Mode* to *IPv6*. The *VLAN* field should be blank. Add the IPv6 `/64` from the PhoenixNAP *CIDR* field to *IPv6 Addresses*. Then copy that same address and remove the `/64` and add a `1` to the end for the *IPv6 Gateway*.

<figure><img src="/files/zoz1Zc4TjPtns1AwZx7q" alt=""><figcaption></figcaption></figure>

Once the blocks have been configured open the node settings in the *Nodes* tab. Set the *Network IPv4 Mode* and *Network IPv6 Mode* to *Static*. Remove the default `pritunlhost0` internal interface then set *Internal Interfaces* to the internal VLAN interface. This should display the private IPv4 address on the dropdown selection.

For the *External IPv4 Block Attachments* and *External IPv6 Block Attachments* select the external VLAN interface. This interface should display the public IPv4 address on the dropdown selection. Select the IPv4 and IPv6 blocks that were created in the previous step.

Multiple block attachments can be configured to add additional VLANs. This allows adding additional public IP addresses without losing the existing assignment.

Disable *Default instance public IPv4 address* and enable *Default instance public IPv6 address*. Then enable both *Jumbo frames* options.

<figure><img src="/files/0bqy80YEDVq0ggbCLTqS" alt="" width="440"><figcaption></figcaption></figure>

Open the *Datacenters* tab and verify the *Network Mode* is set to *VXLAN*.

<figure><img src="/files/gWGxZlX4KhNMDvYnvwQJ" alt=""><figcaption></figcaption></figure>

Open the *Authorities* tab. These store SSH credentials that will be applied to instances based on matched roles. If an instance has a role that matches the authority role that SSH key will be added to the instance under the `cloud` username. The name of the authority does not change the username it will always be the `cloud` user. Select the pre-created authority and paste your public SSH key in the *SSH Key* field and click *Save*. When creating an instance or pod add the `instance` role to include this SSH key to allow for SSH access.

<figure><img src="/files/zGq1mM4N4p7J7r7Q5031" alt=""><figcaption></figcaption></figure>

This completes the configuration for a Pritunl Cloud server on PhoenixNAP. The section linked below will explain creating a pod. These sections assumes instance public IPv4 and IPv6 addresses are not available. The YAML option `publicAddress: true` can be added to the pod specs to include a public IPv4 address on those pods.

<table data-view="cards"><thead><tr><th></th><th data-hidden data-card-cover data-type="files"></th><th data-hidden></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td><strong>Simple Web Server Pod</strong></td><td></td><td></td><td><a href="/pages/IRjMJ8dvXq57WrLRk0wT">/pages/IRjMJ8dvXq57WrLRk0wT</a></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pritunl.com/kb/cloud/platforms/phoenixnap.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.